What are the rules on cookies?
We will walk you through the rules on website cookies and how to comply with EU data laws.
What are the rules on cookies?
The current rules on cookies stem from the ePrivacy Directive (2002 – revised 2009) also commonly known as the European Cookie Law.
If you have a website or webshop, you are subject to the rules on cookies regardless of your site being business, government, or privately owned.
The ePrivacy Directive clearly states that websites in Europe must collect their users’ consent (to cookies) to be able to store cookies onto the users’ computers and smartphones.
We will go through:
What do the rules on cookies mean for my website?
Specifically, it means that if your website uses cookies (first – or third-party cookies) you are responsible for informing your visitors in a cookie pop-up banner about your use of cookies.
At the same time, you must collect your visitors’ consent to cookies set from your website.
The consents must be stored securely for 5 years and will come in handy if you are subject to an oversight or inquiry by your national Data Protection Authority. In this case, they will want to see the documentation for your cookie consents.
Remember that the requirements for collecting and processing personal information have tightened with the General Data Protection Regulation (GDPR).
Checklist for valid consent
- Does your website have a cookie pop-up banner?
- Does your cookie pop-up collect and store valid consents?
- Are your visitors able to opt-out of cookies (decline cookies)?
- Does your cookie consent solution hold back cookies until you have obtained consent (prior consent)?
- Is there a description of all cookies, their purpose, and lifetime?
- Does your website have a complete list of all third-party cookies that receive data about your visitors?
